- InfoSecSam's Newsletter
- Posts
- Cypto Theft, Cyber Insurance, FREE Risk Report & More
Cypto Theft, Cyber Insurance, FREE Risk Report & More
This week's newsletter
Recent News
Crypto Scam
Two individuals have been indicted in the U.S. for orchestrating a social engineering scheme to steal cryptocurrencies. The hackers allegedly used phishing attacks to gain unauthorised access to high-profile social media accounts and wallets.
They targeted victims by impersonating trusted contacts, leading to the theft of significant funds. This case highlights the growing trend of social engineering tactics in cybercrime.
Phishing attacks still remain a successful tool for attackers and is especially useful when it comes to cryptocurrency based attacks. When it comes to your valuable assets its best to treat everything as a potential scam!

Cyber Cover Changes
Cyber insurance is standard for digital organisations’ nowadays. However, things are about to get a lot more expensive as insurers tighten requirements and raise premiums due to increasing ransomware incidents.
It’s not all bad, the stricter requirements are forcing companies to implement good security practices such as multi-factor authentication and regular security audits, to qualify for coverage.

Other News
23andMe $30MtoYou - Personal genetics firm 23andMe has agreed to pay $30 million in cash to settle a class action lawsuit filed over a 2023 data breach impacting millions of people.
Salesforce Patch - A flaw that impacted Salesforce’s public link feature and involved manipulation of API calls and SOQL subqueries to retrieve customer information was recently patched.
Disney cut Slack - Disney to stop using Slack months after it was used to breach internal company data. Check out my TikTok post on this story when it first broke:
@infosecsam Disney has suffered a data breach 😟 #databreach #disney #cybersecurity #starwars #marvel #hacktivist #hackers #insider
Career Development
FREE CISA Risk and Vulnerability Report
CISA has published a report describing findings from risk and vulnerability assessments conducted in 2023. The findings, based on 143 assessments, show that valid accounts and spear-phishing links are the most widely used techniques for obtaining initial access to systems.
This is extremely useful for any cybersecurity professional to understand the current threats being used by attackers. Download the report below!